add separated out steps
parent
53ff257cf0
commit
531cb2244d
|
@ -0,0 +1,58 @@
|
|||
package classic
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/go-oracle-terraform/compute"
|
||||
"github.com/hashicorp/packer/packer"
|
||||
"github.com/mitchellh/multistep"
|
||||
)
|
||||
|
||||
type stepAddKeysToAPI struct{}
|
||||
|
||||
func (s *stepAddKeysToAPI) Run(state multistep.StateBag) multistep.StepAction {
|
||||
// get variables from state
|
||||
ui := state.Get("ui").(packer.Ui)
|
||||
ui.Say("Adding SSH keys to API...")
|
||||
config := state.Get("config").(*Config)
|
||||
client := state.Get("client").(*compute.ComputeClient)
|
||||
|
||||
// grab packer-generated key from statebag context.
|
||||
sshPublicKey := strings.TrimSpace(state.Get("publicKey").(string))
|
||||
|
||||
// form API call to add key to compute cloud
|
||||
sshKeyName := fmt.Sprintf("/Compute-%s/%s/packer_generated_key", config.IdentityDomain, config.Username)
|
||||
|
||||
sshKeysClient := client.SSHKeys()
|
||||
sshKeysInput := compute.CreateSSHKeyInput{
|
||||
Name: sshKeyName,
|
||||
Key: sshPublicKey,
|
||||
Enabled: true,
|
||||
}
|
||||
|
||||
// Load the packer-generated SSH key into the Oracle Compute cloud.
|
||||
keyInfo, err := sshKeysClient.CreateSSHKey(&sshKeysInput)
|
||||
if err != nil {
|
||||
// Key already exists; update key instead of creating it
|
||||
if strings.Contains(err.Error(), "packer_generated_key already exists") {
|
||||
updateKeysInput := compute.UpdateSSHKeyInput{
|
||||
Name: sshKeyName,
|
||||
Key: sshPublicKey,
|
||||
Enabled: true,
|
||||
}
|
||||
keyInfo, err = sshKeysClient.UpdateSSHKey(&updateKeysInput)
|
||||
} else {
|
||||
err = fmt.Errorf("Problem adding Public SSH key through Oracle's API: %s", err)
|
||||
ui.Error(err.Error())
|
||||
state.Put("error", err)
|
||||
return multistep.ActionHalt
|
||||
}
|
||||
}
|
||||
state.Put("key_name", keyInfo.Name)
|
||||
return multistep.ActionContinue
|
||||
}
|
||||
|
||||
func (s *stepAddKeysToAPI) Cleanup(state multistep.StateBag) {
|
||||
// Nothing to do
|
||||
}
|
|
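Review bot: The error from `UpdateSSHKey` in the "already exists" branch is never checked, so a failed update falls through to `state.Put("key_name", keyInfo.Name)` and the step returns `ActionContinue` with a key the API may not hold. If the client returns a nil result with the error (not visible here), that line also panics. The update error should be handled the same way as the create error, as sketched below. Separately, the fixed name `packer_generated_key` means two builds under the same user overwrite each other's key, and the empty `Cleanup` leaves the enabled key registered in the account after the build. A per-build key name, deleted again in `Cleanup`, would avoid both.

```go
		// … unchanged: updateKeysInput literal …
		keyInfo, err = sshKeysClient.UpdateSSHKey(&updateKeysInput)
		if err != nil {
			err = fmt.Errorf("Problem updating Public SSH key through Oracle's API: %s", err)
			ui.Error(err.Error())
			state.Put("error", err)
			return multistep.ActionHalt
		}
		// … unchanged: else branch handling other create errors …
```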
@ -0,0 +1,70 @@
|
|||
package classic
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/go-oracle-terraform/compute"
|
||||
"github.com/hashicorp/packer/packer"
|
||||
"github.com/mitchellh/multistep"
|
||||
)
|
||||
|
||||
type stepSecurity struct{}
|
||||
|
||||
func (s *stepSecurity) Run(state multistep.StateBag) multistep.StepAction {
|
||||
// TODO create overrides that allow savvy users to add the image to their
|
||||
// own security lists instead of ours
|
||||
ui := state.Get("ui").(packer.Ui)
|
||||
ui.Say("Configuring security lists and rules...")
|
||||
config := state.Get("config").(*Config)
|
||||
client := state.Get("client").(*compute.ComputeClient)
|
||||
|
||||
secListName := fmt.Sprintf("/Compute-%s/%s/Packer_SSH_Allow",
|
||||
config.IdentityDomain, config.Username)
|
||||
secListClient := client.SecurityLists()
|
||||
secListInput := compute.CreateSecurityListInput{
|
||||
Description: "Packer-generated security list to give packer ssh access",
|
||||
Name: secListName,
|
||||
}
|
||||
_, err := secListClient.CreateSecurityList(&secListInput)
|
||||
if err != nil {
|
||||
if !strings.Contains(err.Error(), "already exists") {
|
||||
err = fmt.Errorf("Error creating security security IP List to"+
|
||||
" allow Packer to connect to Oracle instance via SSH: %s", err)
|
||||
ui.Error(err.Error())
|
||||
state.Put("error", err)
|
||||
return multistep.ActionHalt
|
||||
}
|
||||
}
|
||||
secListURI := fmt.Sprintf("%s/seclist/Compute-%s/%s/Packer_SSH_Allow",
|
||||
config.APIEndpoint, config.IdentityDomain, config.Username)
|
||||
log.Printf("Megan secListURI is %s", secListURI)
|
||||
// DOCS NOTE: user must have Compute_Operations role
|
||||
// Create security rule that allows Packer to connect via SSH
|
||||
|
||||
secRulesClient := client.SecRules()
|
||||
secRulesInput := compute.CreateSecRuleInput{
|
||||
Action: "PERMIT",
|
||||
Application: "/oracle/public/ssh",
|
||||
Description: "Packer-generated security rule to allow ssh",
|
||||
DestinationList: fmt.Sprintf("seclist:%s", secListName),
|
||||
Name: "Packer-allow-SSH-Rule",
|
||||
SourceList: "seciplist:/oracle/public/public-internet",
|
||||
}
|
||||
|
||||
_, err = secRulesClient.CreateSecRule(&secRulesInput)
|
||||
if err != nil {
|
||||
err = fmt.Errorf("Error creating security rule to allow Packer to connect to Oracle instance via SSH: %s", err)
|
||||
ui.Error(err.Error())
|
||||
state.Put("error", err)
|
||||
return multistep.ActionHalt
|
||||
}
|
||||
|
||||
state.Put("security_list", secListName)
|
||||
return multistep.ActionContinue
|
||||
}
|
||||
|
||||
func (s *stepSecurity) Cleanup(state multistep.StateBag) {
|
||||
// Nothing to do
|
||||
}
|
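Review bot: The rule built in `secRulesInput` permits SSH from `seciplist:/oracle/public/public-internet`, and `Cleanup` is empty, so every build leaves a world-open SSH rule and its security list in the account. `Cleanup` should delete the rule and list this step created, and the source list should come from configuration, with the public-internet list only as a default. Until then the literal should at least carry a comment such as `// SECURITY: permits SSH from the whole public internet; not removed after the build`. The second call is also inconsistent with the first: `CreateSecurityList` tolerates "already exists" but `CreateSecRule` does not, so a rerun will presumably halt on the leftover `Packer-allow-SSH-Rule`. Finally, `log.Printf("Megan secListURI is %s", secListURI)` looks like leftover debugging; `secListURI` has no other use in this function, so both lines can be dropped.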